﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using DoeObjects;
using DoeLibsMVC.Security;

namespace DoeLibsMVC.Controllers.api
{
	public class UserDeleteController : BaseApiController
	{
		[BasicAuthorize(Roles = UserCategoryHelper.STAFF_CATEGORY)]
		public HttpResponseMessage Get(int id)
		{
			Models.UserDeleteModel model = new Models.UserDeleteModel(id);
			model.FromUser = DoeObjects.User.getUserByUserId(id);
			if (model.FromUser == null)
				return Request.CreateResponse(HttpStatusCode.NotFound);
			if (model.FromUser.IsPendingExpiration)
				return Request.CreateResponse(HttpStatusCode.BadRequest);

			model.FromUser.Password = "";
			model.FromUser.Salt = "";
			model.UserLoanables = Loanable.getLoanablesByOwner(model.FromUser.UserId);

			return Request.CreateResponse<Models.UserDeleteModel>(HttpStatusCode.OK, model);
		}

		/// <summary>
		/// 
		/// </summary>
		/// <param name="id"></param>
		/// <returns></returns>
		[BasicAuthorize(Roles = UserCategoryHelper.STAFF_CATEGORY)]
		public HttpResponseMessage Delete(Models.UserDeleteModel model)
		{
			if (model.FromUser == null || model.ToUserId == null)
				return Request.CreateResponse(HttpStatusCode.NotFound);

			if (model.FromUser.expireUser(model.TransferLoanablesIds, model.ToUserId))
				return Request.CreateResponse(HttpStatusCode.OK);
			else
				return Request.CreateResponse(HttpStatusCode.InternalServerError);
		}
	}
}